]> git.koha-community.org Git - koha.git/commit
Bug 18124: Change the calls to generate and check CSRF tokens
authorJonathan Druart <jonathan.druart@bugs.koha-community.org>
Wed, 15 Feb 2017 16:14:13 +0000 (17:14 +0100)
committerKyle M Hall <kyle@bywatersolutions.com>
Thu, 30 Mar 2017 09:07:09 +0000 (09:07 +0000)
commit574d48362d32c14920712ae35bdd28101785315c
tree222201043d6bfb16dbf847cf727836707a090835
parent7190593d9dd38001c2d101bcad5cddc222a45ebe
Bug 18124: Change the calls to generate and check CSRF tokens

The parameter change in Koha::Token should be applied to the calling
scripts.

Test plan:
Confirm that the different forms of the scripts modified by this patch
still work correctly.

Test the problematic behavior:
Open 2 tabs with in same user's session, go on the edit patron page
(memberentry.pl).
Log out and log in from the other tab.
Submit the form
=> Wrong CSRF token should be raised

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Julian Maurice <julian.maurice@biblibre.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
basket/sendbasket.pl
members/deletemem.pl
members/member-flags.pl
members/member-password.pl
members/memberentry.pl
members/moremember.pl
opac/opac-memberentry.pl
opac/opac-sendbasket.pl
tools/import_borrowers.pl
tools/picture-upload.pl